The Top 10 Security Breaches Of 2015

Quora
, ContributorOpinions expressed by Forbes Contributors are their own.

Continued from page 7

When it happened: July 2015

No of records compromised: 37 million clientele records

Ashley Madison made headline after a hacking group, the Impact team penetrated its servers and published the information of all 37 million users online.

The hackers leaked maps of sensitive information - including internal company servers, employee network account information, company bank account data and salary information. According to security consultant Gabor Szathmari, Ashley Madison may have made things easy for their attackers by writing a variety of credentials directly into their source code -- including database credentials, SSL private keys, Twitter OAuth tokens, and Amazon Web Services credentials.

In addition, the database passwords Szathmari found "were between 5 and 8 characters, and many of them contained 2 character classes only.” Aside from hardcoded credentials, Szathmari also noted that the website didn't employ form or email validation to help screen out bots.